<?php session_start(); if(isset($_SESSION['log'])){ echo "Login, please! <br>"; unset($_SESSION['log']);}?>
<?php if(!isset($_POST['login'])){ ?>
<form action="index.php" method="POST">
    <input type="text" name="username" value="Website ID" />
    <input type="password" name="password" value="Password" />
    <input type="submit" value="Login" name="login" />
</form><?php
    }
    if(isset($_POST['login'])){
        include 'config.php';
        $link = mysql_connect($config['databaseURL'],
                $config['databaseUser'],
                $config['databasePassword']);
        mysql_select_db(users);
        $web=$_POST['username'];
        $query = "SELECT *
                  FROM `users`.`update_users`
                  WHERE `website` = '$web';";
        $result = mysql_query($query, $link) or die('agh!'.mysql_error());
        $compare = mysql_fetch_array($result);
        if($compare['password']==$_POST['password']){
            //echo "ha!";
            //include "updatePrice.php";

            $_SESSION['username']=$_POST['username'];
            $_SESSION['password']=$_POST['password'];
            $_SESSION['code']=$compare['storecode'];
            $URL="display.php";

            header ("Location: $URL");
        }
        else{
            echo "fail";
        }
    }
    else{
    }
?>
